Occasionally, you might need to transmit, store, edit and access different types of data for work purpose. No matter what format the data stored as, we are obliged to ensure proper security measures and controls are adopted on UM data to avoid data leakage, especially the confidential data. Some common causes of data leakage are human errors, weak password being cracked, stolen credentials, lost of devices, software vulnerabilities being used, insecure network connection, etc. Disclosure of confidential data may cause damage to the reputation of the University or may have certain legal implications. Therefore, please refer to the below tips to protect the data:

Protect data with password and encryption, erase old data
Ensure confidential data is handled as required by the “Guidelines of Confidentiality” and the “Guidelines for Handling Confidential Information”. For example, when you take or process the confidential data outside campus for official work purpose, the data must be protected with password and encryption with encryption tool. In addition, erase all confidential data on the device immediately after processing it.

Transmit and share data carefully
Before sending/replying/forwarding an email, please review the recipients’ email addresses, email content, attachments and ensure they are correct. For example, don’t contain too much personal information or unverified content such as rumors, exclude all unnecessary confidential data in the email history. Besides, when you share data to other people in computer systems, please ensure the privileges are set correctly.

Enable 2FA and use strong password
To minimize the probability of credentials being stolen and password being cracked, please enable Two-Factor Authentication (2FA) service and use strong password to protect your UM user account. Moreover, use different passwords for different accounts, in particular those for handling confidential data.

Protect your devices by biometric technologies
Besides using password lock, it is also recommended to use biometric technologies to protect your smart phone and tablet, i.e. fingerprint and facial recognition. It can minimize the probability of unauthorized people accessing your personal data, working email, online payment and bank information in case you lost or misplaced the device.

Update computer systems and devices, enable anti-virus software
Ensure the operating systems, web browsers and software on your electronic devices are updated to the latest version, and patch them for vulnerability as soon as possible to prevent attackers from being able to take advantage of the known problems or vulnerability. Please be reminded to enable the real-time protection and monitoring feature of anti-virus software, scan the computer regularly and keep the version up to date.

Be careful in using public WiFi networks and computers
Please always assume public WiFi network and computers are insecure as attackers may capture your data in the same public network or computer you are using. Thus, avoid performing financial or other transactions that involve confidential data while using public network and computers.

Should you have any enquiries, please feel free to contact ICTO Help Desk.